Alerts and advisories

All alerts and advisories

ASD’s ACSC is aware of a vulnerability (CVE-2025-53770) affecting instances of Microsoft Office SharePoint Server products. Organisations are strongly encouraged to take immediate action to mitigate and detect compromise on relevant systems.

Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government

04 Jul 2025

Alert rating: Critical

Critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products

The ASD's ACSC is aware of critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products (CVE-2025-5349, CVE-2025-5777).

Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government

13 Jun 2025

Alert rating: Medium

Scammers impersonating the ASD's ACSC

Scammers are impersonating the ASD's ACSC sending out phishing emails to the public with the email content suggesting to download a malicious antivirus program.

Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government

05 Jun 2025

Advisory

#StopRansomware: Play ransomware

This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.

Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government

22 May 2025

Advisory

Russian GRU targeting Western logistics entities and technology companies

This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies.

Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government

14 May 2025

Alert rating: Critical

Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM)

The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is aware of two vulnerabilities, one medium and one high severity, in Ivanti Endpoint Manager Mobile (EPMM). The ASD’s ACSC recommends organisations patch to the latest version of Ivanti EPMM, available through Ivanti’s download portal, and investigate whether their systems have been compromised.

Audience focus: Organisations & Critical Infrastructure Government

Think you might be impacted?

Cybercrime is the use of a computer or online network to commit crimes such as fraud, online image abuse, identity theft or threats and intimidation.

You can report cybercrime to the police via ReportCyber.

Archived alerts and advisories

View our archived alerts and advisories

What are you looking for?

About us

Learn the basics

Protect yourself

Threats

Report and recover

Resources for business and government

All alerts and advisories

Think you might be impacted?

Archived alerts and advisories

View other content topics

Thanks for your feedback!

Acknowledgement of Country

Alerts and advisories

All alerts and advisories

Vulnerability in Microsoft Office SharePoint Server products

Critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products

Scammers impersonating the ASD's ACSC

#StopRansomware: Play ransomware

Russian GRU targeting Western logistics entities and technology companies

Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM)

Think you might be impacted?

Archived alerts and advisories

View other content topics

Never miss a threat

Thanks for your feedback!